The Next Web

The Log4j bug exposes a bigger issue: Open-source funding (Updated)

Update (December 14 ,2021): We’ve updated this article with information about the new Log4j version release, along with new exploit vectors, and risks related to all Java versions. While you were ...
Threat Post

Relentless Log4j Attacks Include State Actors, Possible Worm

More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell. Call it a “logjam” of threats: Attackers including nation-state actors have already ...
The Conversation

What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what’s at stake

Santiago Torres-Arias does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations ...
Searchenginejournal.com

Catastrophic Log4j Security Fail Threatens Enterprise Systems & Web Apps Worldwide

A serious code execution vulnerability in Log4j has security experts warning of potentially catastrophic consequences for enterprise organizations and web apps. A serious code execution vulnerability ...
Forbes

Will The Log4j Exploit Move Leaders To Heed Cybersecurity Warnings?

WASHINGTON, DC - AUGUST 25: U.S. President Joe Biden speaks during a meeting about cybersecurity in the East Room of the White House on August 25, 2021 in Washington, DC. Members of the Biden cabinet, ...
InfoQ

Log4j Version 1 Reaches End of Life

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Bleeping Computer

New zero-day exploit for Log4j Java library is an enterprise nightmare

Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently being shared online, exposing home users and enterprises alike ...
Dark Reading

How to Prevent the Next Log4j-Style Zero-Day Vulnerability

Software testing is notoriously hard. Search Google for CVEs caused by basic CRLF (newline character) issues and you'll see thousands of entries. Humanity has put a man on the moon, but we still haven ...
CRN

12 Cybersecurity Vendors Susceptible To The Log4j Vulnerability

Vulnerable Log4j code can be found in products from prominent identity vendors like CyberArk, ForgeRock, Okta and Ping Identity, as well as SMB-focused security companies like Fortinet, SonicWall, and ...
Business Wire

Tanium: The Leading Corporate Solution to Fully Identify and Remediate Log4j Vulnerabilities

KIRKLAND, WA--(BUSINESS WIRE)--Industry experts are naming Log4j one of the most severe internet and computer vulnerabilities they have encountered. The United States Cyber Security and Infrastructure ...